I have set up a Hashicorp Vault server to enable the retrieval of secrets for macros that I wish to hide the values of. An obvious place to use this functionality would be specifying a user and password for an HTTP proxy in a web scenario. In the documentation it states 'Secret user macros must not be used in URLs as they will resolve to "******"' but does not state explicitly that the same applies to the HTTP proxy field. However, as soon as I include a macro of type 'secret text' or 'vault secret', the web scenario fails. If I change the macro to plain text, the the web scenario succeeds. I can retrieve the secret manually via a curl command or use the same values successfully in a trivial test item (vfs.file.contents), so I know that the Zabbix/Vault configuration is correct.

Is this behaviour expected? And if so, are there any plans to include the required functionality in the future?

Zabbix version 6.2.3 on Ubuntu 20.04
Vault version 1.12.2 on Ubuntu 22.04
​